0

I have used following code which was working fine in year 2014 but currently its not working.

Credentials used in this code are also correct.

public class SendMail 
{  
public void SendMailToTheUserWhoHaveForgotThePassword(String MailTo,String Password)
  {      
      String to = MailTo;  
      String from = "[email protected]";
      final String username = "chatna06062016";     
      final String password = "xxxxxxxx";  

      String host = "smtp.gmail.com";  
      Properties props = new Properties();
      props.put("mail.smtp.auth", "true");
      props.put("mail.smtp.starttls.enable", "true"); 
      props.put("mail.smtp.host", host);   
      props.put("mail.smtp.port", "25");  
      Session session = Session.getInstance(props,new javax.mail.Authenticator() 
                    {             
                        protected PasswordAuthentication getPasswordAuthentication() 
                        {                
                            return new PasswordAuthentication(username, password);     
                        }          
                    }
                                            );  

      try 
      {   
          Message message = new MimeMessage(session);            
          message.setFrom(new InternetAddress(from));       
          message.setRecipients(Message.RecipientType.TO,InternetAddress.parse(to));        
          message.setSubject("FORGOTTEN PASSWORD"); 


          message.setText("Dear User The Password that you have forgotten is <b>"+Password +"</b>"+ 
                "This email is sended you by using JavaMailAPI "
                  + "HAVE A NICE DAY"
                  + "DO USE THIS SERVICE WHENEVER YOU NEED IT");  

    Transport.send(message);  
      System.out.println("Sent message successfully...."); 

      }
      catch (MessagingException e) { 
         throw new RuntimeException(e); 
      }

       }

}

I have got email from google like this on the usage of the method used in above class.

Email Received from Google

Hi ChatNa,
Someone just tried to sign in to your Google Account [email protected] from an app that doesn't meet modern security standards.
    Details:
Sunday, June 26, 2016 12:57 PM (India Standard Time)
Noida, Uttar Pradesh, India*
We strongly recommend that you use a secure app, like Gmail, to access your account. All apps made by Google meet these security standards. Using a less secure app, on the other hand, could leave your account vulnerable. Learn more.

Google stopped this sign-in attempt, but you should review your recently used devices:

What to do now unable to find out anything helpful anywhere.

Improve this question
5
  • 1
    GMail wants you to be more secured by using SSL/TLS protocols. Swtich to use port 456 or 587 and add necessary properties to set up a secured mail connection. Commented Jun 26, 2016 at 8:20
  • any example @glee8e Commented Jun 26, 2016 at 8:31
  • I suppose there will be some on Google. I'm using a smart phone and it would be troublesome to code with a smart phone. Commented Jun 26, 2016 at 8:48
  • no problem buddy @glee8e your comment is be very helpful to me as you have given me a hint to solve this problem which is enough for me to solve this problem. Commented Jun 26, 2016 at 8:51
  • did you find what are the settings needed to make this work with gmail? I just ran into the same problem... Commented Jan 13, 2017 at 16:55

2 Answers 2

Reset to default
3

you may need to do following setting in the gmail account:

goto : myaccount -> signIn & security -> connected apps & sites -> Allow less secure apps: ON

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

This works but it will make my gmail account less secure.
unfortunately this the security restriction added by gmail.
@HarshSharma yes enabling less secure apps make your account more vulnerable to attack.
0

The main issue here is that you are logging directly into the SMTP/IMAP mail server using the users login and password. This is not secure.

You should consider switching to useing XOauth2 then you can verify your application and it will no longer be considered insecure.

The XOAUTH2 mechanism allows clients to send OAuth 2.0 access tokens to the server. The protocol uses encoded values shown in the following sections.

    [connection begins]
    C: C01 CAPABILITY
    S: * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA XLIST
    CHILDREN XYZZY SASL-IR AUTH=XOAUTH2 AUTH=XOAUTH
    S: C01 OK Completed
    C: A01 AUTHENTICATE XOAUTH2 dXNlcj1zb21ldXNlckBleGFtcGxlLmNvb
    QFhdXRoPUJlYXJlciB5YTI5LnZGOWRmdDRxbVRjMk52YjNSbGNrQmhkSFJoZG
    1semRHRXVZMjl0Q2cBAQ==
    S: A01 OK Success
    [connection continues...]

Option number to was mentioned by others Just enable less secure apps. You can read all about it here Less secure apps & your Google Account and the dangers associated with enabling it.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.